Show cvss score

gardenlinux · Sep 19, 2024 · 1400383 · 1400383
1 parent 316daab
commit 1400383
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 8 deletions.
diff --git a/src/main/java/io/gardenlinux/glvd/UiController.java b/src/main/java/io/gardenlinux/glvd/UiController.java
@@ -19,7 +19,7 @@ public UiController(@Nonnull GlvdService glvdService) {
     @GetMapping("/getPackagesForDistro")
     public String getPackagesForDistro(
             @RequestParam(name = "gardenlinuxVersion", required = true) String gardenlinuxVersion,
-            @RequestParam(defaultValue = "cveId") final String sortBy,
+            @RequestParam(defaultValue = "sourcePackageName") final String sortBy,
             @RequestParam(defaultValue = "ASC") final String sortOrder,
             @RequestParam(required = false) final String pageNumber,
             @RequestParam(required = false) final String pageSize,
@@ -35,8 +35,8 @@ gardenlinuxVersion, new SortAndPageOptions(sortBy, sortOrder, pageNumber, pageSi
     @GetMapping("/getCveForDistribution")
     public String getCveForDistribution(
             @RequestParam(name = "gardenlinuxVersion", required = true) String gardenlinuxVersion,
-            @RequestParam(defaultValue = "cveId") final String sortBy,
-            @RequestParam(defaultValue = "ASC") final String sortOrder,
+            @RequestParam(defaultValue = "baseScore") final String sortBy,
+            @RequestParam(defaultValue = "DESC") final String sortOrder,
             @RequestParam(required = false) final String pageNumber,
             @RequestParam(required = false) final String pageSize,
             Model model

diff --git a/src/main/java/io/gardenlinux/glvd/db/SourcePackageCve.java b/src/main/java/io/gardenlinux/glvd/db/SourcePackageCve.java
@@ -1,9 +1,9 @@
 package io.gardenlinux.glvd.db;
 
-import jakarta.annotation.Nonnull;
-import jakarta.persistence.*;
-
-import java.util.Objects;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
 
 @Entity
 @Table(name = "sourcepackagecve")
@@ -28,6 +28,12 @@ public class SourcePackageCve {
     @Column(name = "cve_published_date", nullable = false)
     private String cvePublishedDate;
 
+    @Column(name = "base_score", nullable = true)
+    private Float baseScore;
+
+    @Column(name = "vector_string", nullable = true)
+    private String vectorString;
+
     @Column(name = "base_score_v40", nullable = true)
     private Float baseScoreV40;
 
@@ -37,6 +43,9 @@ public class SourcePackageCve {
     @Column(name = "base_score_v30", nullable = true)
     private Float baseScoreV30;
 
+    @Column(name = "base_score_v2", nullable = true)
+    private Float baseScoreV2;
+
     @Column(name = "vector_string_v40", nullable = true)
     private String vectorStringV40;
 
@@ -46,22 +55,29 @@ public class SourcePackageCve {
     @Column(name = "vector_string_v30", nullable = true)
     private String vectorStringV30;
 
+    @Column(name = "vector_string_v2", nullable = true)
+    private String vectorStringV2;
+
     public SourcePackageCve() {
     }
 
-    public SourcePackageCve(String cveId, String sourcePackageName, String sourcePackageVersion, String gardenlinuxVersion, boolean isVulnerable, String cvePublishedDate, Float baseScoreV40, Float baseScoreV31, Float baseScoreV30, String vectorStringV40, String vectorStringV31, String vectorStringV30) {
+    public SourcePackageCve(String cveId, String sourcePackageName, String sourcePackageVersion, String gardenlinuxVersion, boolean isVulnerable, String cvePublishedDate, Float baseScore, String vectorString, Float baseScoreV40, Float baseScoreV31, Float baseScoreV30, Float baseScoreV2, String vectorStringV40, String vectorStringV31, String vectorStringV30, String vectorStringV2) {
         this.cveId = cveId;
         this.sourcePackageName = sourcePackageName;
         this.sourcePackageVersion = sourcePackageVersion;
         this.gardenlinuxVersion = gardenlinuxVersion;
         this.isVulnerable = isVulnerable;
         this.cvePublishedDate = cvePublishedDate;
+        this.baseScore = baseScore;
+        this.vectorString = vectorString;
         this.baseScoreV40 = baseScoreV40;
         this.baseScoreV31 = baseScoreV31;
         this.baseScoreV30 = baseScoreV30;
+        this.baseScoreV2 = baseScoreV2;
         this.vectorStringV40 = vectorStringV40;
         this.vectorStringV31 = vectorStringV31;
         this.vectorStringV30 = vectorStringV30;
+        this.vectorStringV2 = vectorStringV2;
     }
 
     public String getCveId() {
@@ -88,6 +104,14 @@ public String getCvePublishedDate() {
         return cvePublishedDate;
     }
 
+    public Float getBaseScore() {
+        return baseScore;
+    }
+
+    public String getVectorString() {
+        return vectorString;
+    }
+
     public Float getBaseScoreV40() {
         return baseScoreV40;
     }
@@ -100,6 +124,10 @@ public Float getBaseScoreV30() {
         return baseScoreV30;
     }
 
+    public Float getBaseScoreV2() {
+        return baseScoreV2;
+    }
+
     public String getVectorStringV40() {
         return vectorStringV40;
     }
@@ -111,4 +139,8 @@ public String getVectorStringV31() {
     public String getVectorStringV30() {
         return vectorStringV30;
     }
+
+    public String getVectorStringV2() {
+        return vectorStringV2;
+    }
 }
diff --git a/src/main/resources/templates/getCveForDistribution.html b/src/main/resources/templates/getCveForDistribution.html
@@ -3,6 +3,19 @@
 <head>
     <title>GLVD: List vulnerabilities in distro</title>
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <style>
+        table {
+          table-layout: fixed;
+          width: 100%;
+        }
+
+        td {
+          overflow: hidden;
+          white-space: nowrap;
+          text-overflow: ellipsis;
+        }
+
+    </style>
 </head>
 <body>
 <p th:text="|Vulnerabilities list for Garden Linux ${gardenlinuxVersion}|" />
@@ -11,6 +24,8 @@
     <thead>
     <tr>
         <th>CVE ID</th>
+        <th>CVE Base Score</th>
+        <th>Vector String</th>
         <th>CVE Published Date</th>
         <th>Source Package</th>
         <th>Version</th>
@@ -19,6 +34,8 @@
     </thead>
     <tr th:each="item: ${sourcePackageCves}">
         <td th:text="${item.cveId}" />
+        <td th:text="${item.baseScore}" />
+        <td th:text="${item.vectorString}" />
         <td th:text="${item.cvePublishedDate}" />
         <td th:text="${item.sourcePackageName}" />
         <td th:text="${item.sourcePackageVersion}" />